CVE-2023-5303 LOW

CVE-2023-5303: Online Banquet Booking System Account Detail view-booking-detail.php cross site scripting

Vendor N/A
Product Online Banquet Booking System
Weakness CWE-79 · XSS
Published September 30, 2023
Last update August 2, 2024
View on NVD All CVEs

CVSS base score

3.5/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction Required
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

What the vulnerability does

01Description

A vulnerability, which was classified as problematic, was found in Online Banquet Booking System 1.0. Affected is an unknown function of the file /view-booking-detail.php of the component Account Detail Handler. The manipulation of the argument username leads to cross site scripting. It is possible to launch the attack remotely. VDB-240942 is the identifier assigned to this vulnerability.

Key dates

02Disclosure timeline

September 30, 2023 CVE published
August 2, 2024 Record updated

Related vulnerabilities

04Related CVE

CVE-2026-3034 OoohBoi Steroids for Elementor <= 2.1.24 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple URL Controls CVE-2021-21332 Cross-site scripting (XSS) vulnerability in the password reset endpoint CVE-2023-2476 Dromara J2eeFAST Announcement cross site scripting CVE-2024-4329 Thim Elementor Kit <= 1.1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter CVE-2022-1335 Slideshow CK < 1.4.10 - Admin+ Stored Cross-Site Scripting